Security is often described as a continuum between convenience and safety. A system that requires ten layers of authentication may be very difficult to attack, but it may also be so inconvenient that it will never be used. At the opposite end, a system with no means of authentication or authorization is highly convenient for users but also highly insecure. Many security systems now offer two-factor authentication, which requires an additional piece of information beyond or in place of the traditional username and password combination. Some two-factor authentication systems may involve using an authentication server to perform a portion of the login process.
One downside of two-factor authentication systems that involve authentication servers is that access to the authentication servers may be lost. Access may be lost due to network outages and/or failures of the authentication servers. Thus, access loss either leads to the two-factor authentication system becoming a one-factor authentication system or locks-out users attempting authentication. The instant disclosure, therefore, identifies and addresses a need for systems and methods for providing two-factor authentication with an enterprise gateway when an authentication server is unavailable.